EDI
API DocsTerminal
NEW!
Programmatically translate EDI to JSON with the EDI Core REST API
Get started in minutes →
Segment
in
X12 Release 005040

S3S Security Header Level 1

To initiate the beginning of a secured area and to provide the parameters needed for authentication or encryption of a functional group
Sequence
Element
Name
Type
Requirement
Min
Max
Repeat
01
1621
Security Version/Release Identifier Code
Identifier (ID)
Mandatory
6
6
1
Code indicating the version/release of the ASC X12 standard that is being used for this specific security structure. The version/release identified for this segment also applies to any corresponding trailer or security value segment. This version/release is independent of any other version/release identified in another security segment at the transaction set or functional group level. This version/release is independent of the version/release identified at the interchange or functional group level
Codes (2)
02
Security Type Code
Identifier (ID)
Mandatory
2
2
1
Code identifying the security algorithms and methods applied for this level of interchange
If S3S02 is "AA", "BB", "AC", or "BC", then S3S05 is required.
If S3S02 is "BB", "EE", "AC", or "EC", then S3S08 is required.
If S3S02 is "CC" then S3S09 is required.
Codes (7)
03
Security Originator Name
String (AN)
Mandatory
1
64
1
Unique designation (identity) of the cryptographic process that performs authentication or encryption on data to be interchanged, or originates a cryptographic service message Note: X9 has a minimum length of 4 characters for the security originator; no mechanism, or registration method is provided by X9 or X12 to guarantee the uniqueness of the identifier
X9 has a required minimum length of four characters for S3S03 (security originator). No mechanism, or registration method, is provided by X9 or X12 to guarantee uniqueness of the identifier.
04
Security Recipient Name
String (AN)
Optional
1
64
1
Unique designation (identity) of the cryptographic process that performs authentication or decryption on received data, or is the destination of a cryptographic service message Note: X9 has a minimum length of 4 characters for the security recipient; no mechanism, or registration method is provided by X9 or X12 to guarantee the uniqueness of the identifier
X9 has a required minimum length of four characters for S3S04 (security recipient). No mechanism, or registration method, is provided by X9 or X12 to guarantee uniqueness of the identifier.
05
Authentication Key Name
String (AN)
Conditional
1
64
1
Name of the key used for authentication; this name is mutually known to the security originator and the security recipient, is unique for this relationship, and is intended to allow the changing of the key from time to time Note: The special key name "0123456789ABCDEF" is reserved for the hexadecimal value 0123456789ABCDEF (i.e. a fixed non-secret value) to provide a well-known value for data integrity testing only)
P0506
In S3S05, the special name "01234567890ABCDEF" is reserved for the hexadecimal value 01234567890ABCDEF (i.e., a fixed, non-secret value) to provide a well-known value for data-integrity testing only.
06
Authentication Service Code
Identifier (ID)
Conditional
1
1
1
Authentication options
Codes (7)
07
Certificate Look-up Information
Composite (composite)
Optional
1
01
Look-up Value Protocol Code
Identifier (ID)
Mandatory
2
2
-
Code specifying the protocol used to identify a certificate
Codes (4)
02
Filter ID Code
Identifier (ID)
Mandatory
3
3
-
Code specifying the type of filter used to convert data code values
Codes (8)
03
Version Identifier
String (AN)
Mandatory
1
30
-
Revision level of a particular format, program, technique or algorithm
04
Look-up Value
String (AN)
Mandatory
1
4096
-
Value used to identify a certificate containing a public key
05
Look-up Value Protocol Code
Identifier (ID)
Conditional
2
2
-
Code specifying the protocol used to identify a certificate
P05060708
Codes (4)
06
Filter ID Code
Identifier (ID)
Conditional
3
3
-
Code specifying the type of filter used to convert data code values
Codes (8)
07
Version Identifier
String (AN)
Conditional
1
30
-
Revision level of a particular format, program, technique or algorithm
08
Look-up Value
String (AN)
Conditional
1
4096
-
Value used to identify a certificate containing a public key
09
Look-up Value Protocol Code
Identifier (ID)
Conditional
2
2
-
Code specifying the protocol used to identify a certificate
P09101112
Codes (4)
10
Filter ID Code
Identifier (ID)
Conditional
3
3
-
Code specifying the type of filter used to convert data code values
Codes (8)
11
Version Identifier
String (AN)
Conditional
1
30
-
Revision level of a particular format, program, technique or algorithm
12
Look-up Value
String (AN)
Conditional
1
4096
-
Value used to identify a certificate containing a public key
08
Encryption Key Information
Composite (composite)
Conditional
1
01
Encryption Key Name
String (AN)
Mandatory
1
64
-
Name of the key used for encryption; this name is mutually known to the security originator and the security recipient, is unique for this relationship, and is intended to allow the changing of the key from time to time Note: If any of the optional fields are present, the Key Name should contain either "PUBLIC" if a public key is being used to encrypt the one-time key or the actual name of the asymmetric key-encrypting-key used to encrypt the one-time key.
02
Protocol ID
Identifier (ID)
Optional
3
3
-
Code specifying protocol used to encrypt the session key
Codes (6)
03
Keying Material
String (AN)
Optional
1
512
-
Additional material required for decrypting the one-time key
04
One-time Encryption Key
String (AN)
Optional
1
512
-
Hexadecimally filtered encrypted one-time key
09
Encryption Service Information
Composite (composite)
Conditional
1
01
Encryption Service Code
Identifier (ID)
Mandatory
1
3
-
Coded values representing options for encryption processing, including the use of compression and filtering; the code either defines the encryption mode and the transmission filter specification for filtering binary data into transmittable text or specifics that the following subelements define these values
Codes (12)
02
Algorithm ID
Identifier (ID)
Optional
3
3
-
Algorithm used for Encryption
Codes (10)
03
Algorithm Mode of Operation
Identifier (ID)
Optional
3
3
-
Mode of Operation of the Encryption Algorithm
Codes (5)
04
Filter ID Code
Identifier (ID)
Conditional
3
3
-
Code specifying the type of filter used to convert data code values
P0405
Codes (8)
05
Version Identifier
String (AN)
Conditional
1
30
-
Revision level of a particular format, program, technique or algorithm
06
Compression ID
Identifier (ID)
Conditional
3
3
-
Type of Compression Used
P0607
Codes (3)
07
Version Identifier
String (AN)
Conditional
1
30
-
Revision level of a particular format, program, technique or algorithm
08
Length of Initialization Vector
Numeric (N)
Optional
1
3
-
Value indicating the length of the initialization vector contained
10
Length of Data
Numeric (N)
Conditional
1
18
1
Length of data is the number of character positions of the compressed or encrypted/filtered text; when data is plain text, this field shall be absent
11
Transformed Data
Binary (B)
Conditional
1
10000000000000000
1
Binary or filtered data having one or more security policy options applied; transformed data may represent compressed, encrypted, or compressed and encrypted plaintext
The first set of characters in DE 1700, with a length defined by the C03208 value (DE 1704), is the initialization vector (IV). The IV is followed by a stream of data, whose length is equal to S3S10 minus C03208.
Stedi is a registered trademark of Stedi, Inc. Stedi's EDI Reference and Mapping Guides are provided for marketing purposes and are free of charge. All names, logos, and brands of third parties listed on our site are trademarks of their respective owners (including “X12”, which is a trademark of X12 Incorporated). Stedi, Inc. and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.
Stedi is a registered trademark of Stedi, Inc. Stedi's EDI Reference and Mapping Guides are provided for marketing purposes and are free of charge. All names, logos, and brands of third parties listed on our site are trademarks of their respective owners (including “X12”, which is a trademark of X12 Incorporated). Stedi, Inc. and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.